Volatility v2.0 An advanced memory forensics framework release

Volatility advanced memory forensics framework

The Volatility Framework is a completely open collection of tools, implemented in Python under the GNU General Public License, for the extraction of digital artifacts from volatile memory (RAM) samples. The extraction techniques are performed completely independent of the system being investigated but offer unprecedented visibilty into the runtime state of the system. The framework is intended to introduce people to the techniques and complexities associated with extracting digital artifacts from volatile memory samples and provide a platform for further work into this exciting area of research.

Highlights of this release include:

  • Restructured and depolluted namespace
  • Usage and Development Documentation
  • New Configuration Subsystem
  • New Caching Subsystem
  • New Pluggable address spaces with automated election
  • New Address Spaces (i.e. EWF, Firewire)
  • Updated Object Model and Profile Subsystems (VolatilityMagic)
  • Support for Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7
  • Updated Scanning Framework
  • Volshell integration
  • Over 40 new plugins!

Download Version :


  1. […] Volatility v2.0 An advanced memory forensics framework release … […]

  2. How can I drive more traffic to my railroad blog?

    • There is lots that you can do to get more traffic to your blog.

      You need to register your blog with the search engines eg: http://www.google.com/addurl

      You should use keyword rich content in order to be better indexed by search engines (in your case use words like ‘railroad’ etc frequently so that when someone goes onto google and search for railroad then google knows that your site is relevant)

      You should join blogger communities like http://www.bloggerforum.com and be active, put your url in your signature so there are lots of links to your site on the net.

  3. glad to be one of the visitors on this awful internet site : D.

Sorry, the comment form is closed at this time.

Comments RSS